IM worm hits Reuters
PrintBreaking news
Posted in Software & Security, 15th April 2005 11:00 GMT
Free whitepaper – What Exchange can't do - and Dell can
Reuters was temporarily forced to shut down its instant messaging service Thursday after a computer worm spread across its network. The culprit - Kelvir-U - is a variant of a worm family that targets MSN and Windows Messenger clients and previously posed no risk to Reuters' tightly-controlled messaging network. This is the first incident where a virus has targeted a privately controlled user community, IM security firm IMlogic reports.
Security firm Akonix reports that it has received "multiple reports from organizations whose networks have been compromised by the Kelvir worm". It said the latest Kelvir variant is rapidly spreading over instant messaging (IM) networks.
Like other social engineering attacks, the Kelvir-U worm sends an IM to people on an infected user's contact list that encourages the recipient to click on a URL link within the message. Once the link is opened, a version of the Spybot worm is downloaded and the worm then sends itself to the newly-infected user's contact list. Spybot opens up a backdoor on infected machines allowing them to be subsequently misused by hackers for nefarious purposes, such as distributing spam. ®
Related stories
MSN Messenger worm seeds zombie networks
Bofra exploit tied to 'massive botnet'
Botched maintenance - not worm - blamed for MS IM glitch
Download.Ject-style worm spreads via IM
Free whitepaper – Managing desktop software for fun and profit
The Register Agile Data Center Summit
Straight Talk with Dell: Sending out an SaaS
Seven ways to optimize VMware server virtualization
Automating the Acquisition Process with Enterprise Level CRM
Sign up, sign up for The Register IT security newsletter
Microsoft's Windows 7 price gamble - and why it's flawed
Managing Desktop Software for fun and profit
Intel's flash new SSDs hit by bugs